The PCI DSS Self-Assessment Questionnaires (SAQs) are validation tools for use by SAQ-eligible merchants and service providers to perform and report the results of their PCI DSS self-assessments. There are several different SAQs, developed for specific types of environments as defined in each SAQ’s eligibility criteria.

Each SAQ contains a "Completing the Self-Assessment Questionnaire" section, which outlines the type of environment that the SAQ is intended for. All the eligibility criteria for a particular SAQ must be met to use that SAQ.

Additional guidance is also provided in PCI DSS Self-Assessment Questionnaire Instructions and Guidelines, available in the Document Library.

Merchants should consult with their compliance-accepting entity - the entity to which the SAQ will be submitted (typically, an acquirer (merchant bank) or a payment brand) to determine if they are eligible to evaluateor required to submit an SAQ, and reportif so, which SAQ is appropriate for their environment.

SAQ D for Service Providers is the ONLY SAQ for SAQ-eligible service providers. All other SAQs are for merchant use only.

Refer to FAQ 1133: Why are there multiple PCI DSS compliance via self-assessment. There are a number of different SAQs available that are intended meet the needs of particular types of environments.

Each SAQ contains a ?Before you Begin? section, which outlines the type of environment that the SAQ is intended for. All the eligibility criteria for a particular SAQ must be met in order to use that SAQ.

Additional guidance is also provided in the PCI DSS Self-Assessment Questionnaire Instructions and Guidelines document in the Document Library.

Merchants should also consult with their acquirer (merchant bank) or payment brand to determine if they are eligible or required to submit an SAQ, and if so, which SAQ is appropriate for their environment.Questionnaires (SAQs)?